aa9d7c88dc54db53e48fa5c748a350c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa9d7c88dc54db53e48fa5c748a350c0_JaffaCakes118
Size

378KB
MD5

aa9d7c88dc54db53e48fa5c748a350c0
SHA1

c0e2463c3d12b5b03880cdbbe0464a1ae1041c33
SHA256

8f5ccc9147b6825452fc00d4b612fb0f503538a9356edc3d3ba95c36f621c350
SHA512

f1fd2beb329b4314d15150580176b839f21362d3d7c59143afbb004024db86ec92519f28681a05704074b2af2d47ea5803a4c2ae6aacf10bc6ba75750426e54d
SSDEEP

6144:nh4mw03B5UHkWune/O2mI7DJ9fH3qNRLO/Xn0NPZrqUjxMYi1hCUt1+2PjnlLczu:TfXUEW6wO2m+JFH3i4X0NPZUptwsjMQt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa9d7c88dc54db53e48fa5c748a350c0_JaffaCakes118

Files

aa9d7c88dc54db53e48fa5c748a350c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bea4c8492af703252081af156eb182b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetViewportOrgEx
GetNearestPaletteIndex
GetCharWidthW
GetClipRgn
Chord
ScaleViewportExtEx
FixBrushOrgEx
SelectObject
GetObjectW
StrokeAndFillPath
SetBkColor
CreatePolyPolygonRgn
GetTextExtentPoint32W
CloseMetaFile
PlayEnhMetaFile
CreatePolygonRgn
GetWindowExtEx
UpdateICMRegKeyA
GetEnhMetaFileDescriptionA
GetLayout
GetLogColorSpaceW
SetArcDirection
GetOutlineTextMetricsW
GetDeviceCaps
RoundRect

comdlg32

FindTextW
ChooseColorA
LoadAlterBitmap
FindTextA

kernel32

GetModuleHandleA
GetCurrentThread
GetModuleFileNameW
GetCommandLineA
TerminateProcess
GetCurrentProcessId
GetStartupInfoA
GetModuleFileNameA
InitializeCriticalSection
LeaveCriticalSection
GlobalFree
TransmitCommChar
SetHandleCount
GetFileAttributesW
QueryPerformanceCounter
VirtualQuery
GetVersion
GetStdHandle
TlsAlloc
GetSystemTimeAsFileTime
HeapAlloc
TlsSetValue
EnterCriticalSection
LoadLibraryA
GetSystemInfo
GetComputerNameA
LockFileEx
IsBadReadPtr
InterlockedExchangeAdd
HeapDestroy
HeapCreate
GetCurrentProcess
HeapReAlloc
InterlockedExchange
GetFileType
GetLastError
ReadConsoleOutputW
GetProcAddress
WriteConsoleOutputCharacterA
TlsFree
HeapFree
GetEnvironmentStrings
GetCurrentThreadId
TlsGetValue
FreeEnvironmentStringsA
VirtualAllocEx
FreeEnvironmentStringsW
CreateDirectoryW
UnhandledExceptionFilter
GetTickCount
GetEnvironmentStringsW
GetStartupInfoW
FindAtomW
GetNumberFormatA
FindNextChangeNotification
SetLastError
GetCommandLineW
VirtualAlloc
ExitProcess
VirtualFree
WriteFile
DeleteCriticalSection
IsBadWritePtr
RtlUnwind
MultiByteToWideChar

shell32

SHEmptyRecycleBinW
SHGetMalloc
RealShellExecuteExA
ExtractAssociatedIconExW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bea4c8492af703252081af156eb182b2

Headers

File Characteristics

Imports

gdi32

comdlg32

kernel32

shell32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 32KB

.data Size: 272KB - Virtual size: 271KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 32KB

.data
Size: 272KB - Virtual size: 271KB

.rsrc
Size: 4KB - Virtual size: 3KB